Tacobell2000
asked on
dns errors show up in the event log: nx domain
Hello,
On 1 domain controller running Windows 2003 sp2 the event log is full of dns errors Event Id:7050. I enabled dns logging on the server and found this:
20080722 07:05:27 B8C PACKET UDP Rcv 72.29.224.33 3b60 R Q [8081 DR NOERROR] (6)bounce(4)geni(3)com(0)
20080722 07:05:27 B8C PACKET UDP Snd 10.1.0.0 6222 R Q [8081 DR NOERROR] (6)bounce(4)geni(3)com(0)
20080722 07:05:27 F6C PACKET UDP Rcv 10.1.0.0 a384 Q [0001 D NOERROR] (6)bounce(4)geni(3)com(0)
20080722 07:05:27 F6C PACKET UDP Snd 72.29.224.33 136d Q [0001 D NOERROR] (6)bounce(
20080722 07:05:27 2E4 PACKET UDP Snd 72.29.224.49 2b5a Q [0001 D NOERROR] (14)tastyhottreats(3)com(0
20080722 07:05:27 F6C PACKET UDP Rcv 72.29.224.49 2b5a R Q [8083 TDR NOERROR] (14)tastyhottreats(3)com(0
20080722 07:05:27 B8C PACKET UDP Rcv 72.29.224.33 136d R Q [8081 DR NOERROR] (6)bounce(4)geni(3)com(0)
20080722 07:05:27 B8C PACKET UDP Snd 10.1.0.0 a384 R Q [8081 DR NOERROR] (6)bounce(4)geni(3)com(0)
20080722 07:05:27 B8C PACKET UDP Rcv 10.1.0.0 21dd Q [0001 D NOERROR] (2)23(2)87(2)78(3)208(2)bl
20080722 07:05:27 B8C PACKET UDP Snd 72.29.224.33 0b74 Q [0001 D NOERROR] (2)23(2)87(2)78(3)208(2)bl
20080722 07:05:27 2BC PACKET TCP Snd 72.29.224.49 2b5a Q [0001 D NOERROR] (14)tastyhottreats(3)com(0
20080722 07:05:27 2BC EVENT The DNS server recv() function failed.
The event data contains the error.
20080722 07:05:27 B8C PACKET UDP Rcv 72.29.224.33 0b74 R Q [8381 DR NXDOMAIN] (2)23(2)87(2)78(3)208(2)bl
20080722 07:05:27 B8C PACKET UDP Snd 10.1.0.0 21dd R Q [8381 DR NXDOMAIN] (2)23(2)87(2)78(3)208(2)bl
20080722 07:05:27 B8C PACKET UDP Rcv 10.1.0.0 21dd Q [0001 D NOERROR] (2)23(2)87(2)78(3)208(7)sb
20080722 07:05:27 B8C PACKET UDP Snd 72.29.224.33 1b78 Q [0001 D NOERROR] (2)23(2)87(2)78(3)208(7)sb
The error in the event log shows that it happened at 07:05:27.
I have no idea how to interpret the above.
please help,
Tacobell2000
ASKER
yes....but do you think this is generating the DNS errors?
Tacobell2000
Tacobell2000
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks.
When an inbound email arrives, the sender and/or urls listed in the email are checked against realtime blacklists. In this case it looks like bl.spamcop.net and sbl-xbl.spamhaus.org.
Cheers,
Joel